VYPR

rpm package

suse/java-1_7_1-ibm&distro=SUSE Linux Enterprise Server for SAP Applications 12

pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012

Vulnerabilities (115)

  • CVE-2017-10053MedAug 8, 2017
    affected < 1.7.1_sr4.10-38.5.1fixed 1.7.1_sr4.10-38.5.1

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated at

  • CVE-2016-9843CriMay 23, 2017
    affected < 1.7.1_sr4.5-37.1fixed 1.7.1_sr4.5-37.1

    The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.

  • CVE-2016-9842HigMay 23, 2017
    affected < 1.7.1_sr4.5-37.1fixed 1.7.1_sr4.5-37.1

    The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.

  • CVE-2016-9841CriMay 23, 2017
    affected < 1.7.1_sr4.5-37.1fixed 1.7.1_sr4.5-37.1

    inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.

  • CVE-2016-9840HigMay 23, 2017
    affected < 1.7.1_sr4.5-37.1fixed 1.7.1_sr4.5-37.1

    inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.

  • CVE-2017-1289HigMay 22, 2017
    affected < 1.7.1_sr4.5-37.1fixed 1.7.1_sr4.5-37.1

    IBM SDK, Java Technology Edition is vulnerable XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 125150.

  • CVE-2017-3544LowApr 24, 2017
    affected < 1.7.1_sr4.5-37.1fixed 1.7.1_sr4.5-37.1

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthen

  • CVE-2017-3539LowApr 24, 2017
    affected < 1.7.1_sr4.5-37.1fixed 1.7.1_sr4.5-37.1

    Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network

  • CVE-2017-3533LowApr 24, 2017
    affected < 1.7.1_sr4.5-37.1fixed 1.7.1_sr4.5-37.1

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthen

  • CVE-2017-3511HigApr 24, 2017
    affected < 1.7.1_sr4.5-37.1fixed 1.7.1_sr4.5-37.1

    Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attack

  • CVE-2017-3509MedApr 24, 2017
    affected < 1.7.1_sr4.5-37.1fixed 1.7.1_sr4.5-37.1

    Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with networ

  • CVE-2016-5597MedOct 25, 2016
    affected < 1.7.1_sr3.60-31.2fixed 1.7.1_sr3.60-31.2

    Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality via vectors related to Networking.

  • CVE-2016-5573HigOct 25, 2016
    affected < 1.7.1_sr3.60-31.2fixed 1.7.1_sr3.60-31.2

    Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5582.

  • CVE-2016-5568CriOct 25, 2016
    affected < 1.7.1_sr3.60-31.2fixed 1.7.1_sr3.60-31.2

    Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.

  • CVE-2016-5556CriOct 25, 2016
    affected < 1.7.1_sr3.60-31.2fixed 1.7.1_sr3.60-31.2

    Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D.

  • CVE-2016-5554MedOct 25, 2016
    affected < 1.7.1_sr3.60-31.2fixed 1.7.1_sr3.60-31.2

    Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect integrity via vectors related to JMX.

  • CVE-2016-5542LowOct 25, 2016
    affected < 1.7.1_sr3.60-31.2fixed 1.7.1_sr3.60-31.2

    Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect integrity via vectors related to Libraries.

  • CVE-2016-2183HigSep 1, 2016
    affected < 1.7.1_sr4.1-34.1fixed 1.7.1_sr4.1-34.1

    The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-dura

  • CVE-2016-3598CriJul 21, 2016
    affected < 1.7.1_sr3.50-28.2fixed 1.7.1_sr3.50-28.2

    Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3610.

  • CVE-2016-3511HigJul 21, 2016
    affected < 1.7.1_sr3.50-28.2fixed 1.7.1_sr3.50-28.2

    Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Deployment.

Page 2 of 6